According to a report on RFI (sorry, all audio in french), the court was told by a Canadian company that filtering based on country was very simple and they had a product (or patent, it went by quickly) to do this. Could this be iCraveTV? The report didn't say.
So the judge is going to wait a month (because the whole country goes on vacation the month of August) and then appoint a commission to investigate if filtering can be done country by country. The anti-hate groups asked the judge to impose 1 million FRF fines for each day that french citizens could access nazi memorabilia on yahoo, but the judge declined to do so until after the commission issues a preliminary report.
What might happen if yahoo doesn't implement some kind of system (it doesn't have to be 100%, just good enough) is that all french ISPs will be forced to drop all packets to/from yahoo's IP address range. They could have their business licenses revoked if they don't.
I understand why many european countries have laws against nazism. There is still a very strong racial hatred powering extremist politics using nazism as a symbol. In a region where memories of wrongdoing go back 1500 years, events that happened to people still alive are very recent. The war may have ended, but nazism was not eradicated, only driven underground. The anti-hate laws are there to remove the fuel from the fire, in the hopes that in another few generations the worst of the hatred will be extinguished.
It is interesting to see how american court cases try to attack "dirty pictures" outside the US, where nobody cares if women bare their breasts on the beach. There is a double standard at work, and when an american company is on the losing end of a judgement, americans hear more about it. The double standard goes both ways, when european companies lose to american laws, only europeans hear the rants.
Hackers consider themselves members of an elite meritocracy based on ability and trade hacker techniques and "war stories" amongst themselves in Usenet forums, local or regional clubs, and national conferences, such as the annual Def Con Computer Underground Convention held in Las Vegas.
They almost got it right, but then the report throws the underground movement in with the creative hackish crowd. Granted, they mostly go together, but I'd have associated DefCon, HacTic, CCCC, HOPE and the other cons with the cracker crowd. I've been to many of the cons in europe and the US, and ALL the discussions revolved around criminal activity, NONE of it was about building better IP stacks or the pros and cons of threads in kernel space.
The rest of the report uses Hacker in place of the term cybercriminal.
In the middle of page 20 is a distorted look at a TCP intercept attack. It isn't necessary to DoS computer B to predict a TCP sequence number and redirect the TCP flow to computer A. There seems to be a lot of misunderstandings like this through the rest of the report.
All in all, this is an excellent look at the type of information used to train law enforcement. This is the level of detail they are taught, and then they have to extrapolate this to each case they handle. They even quote a 20 year old entry in the Jargon Dictionary that telnet on a TOPS-10 is called IMPCOM. Any/. readers know a still running TOPS-10 (or 20) system?
In the intel chips from 286 days on, the opcode is known as LoadAll. Do a web search, and look for a few well written papers on how it works. There is still a protected 0x180 bytes at the bottom of the memory stack for accidental tripping of LoadAll in all versions of micr~1.oft operating systems including win2k. Grep the linux kernel for references to LoadAll, even linux deals with it.
What you put there is up to you, but you better know exactly what the CPU will do with it, and how the machine will respond. Not impossible, but difficult.
The even greater difficulty is getting around the millions of combinations of OS, hardware, and chip revisions to do anything useful. So even though a single opcode exists in all intel CPUs, nobody has ever been able to make a general purpose exploit.
No, CBT hasn't updated anything in the last few years. My own opinion of them is pretty low for professional use, you'll notice I didn't say they were good. But for basic introduction some people tend to find it useful. What I liked about it was that we could hand out the CDs to incoming people with absolutely no unix experience, and keep them busy for a few days. At the end of it we would ask them if they would like to continue with CBT or jump into the job with O'reilly Nutshell books. Guess which they all chose?
I've seen demos of a few other learning systems, which seemed better for taking students through some basic tasks. But none of them are a substitute for an instructor and hands-on learning.
The problem here is that the school district doesn't have any expertise to draw on, so they have to start somewhere. Maybe there are some good tutorials on the web, but I haven't seen them. But a machine like that is a godsend to poor schools, it just has to be made accessible to the students and somehow they need to be shown all the wonderful things it can do besides just web browsing.
But they are NOT free, you are paying with BT connection charges.
In most parts of the US, local calls are free, known as flat rate calling plan. So freewwweb had to get their revenue from advertising.
So the "free" ISPs in England still cost for all the time you are connected, which is why the average brit is only online for 7 minutes per day, and the average american is online for 33 minutes/day.
Go read NTK for the continuing saga of oftel trying to force BT into offering an american style flat local calling fee for anyone who wants it. The same fight is shaping up in france and germany.
Its a shame a good service like freewwweb can't make it in the american market place. They were very friendly to all users, not just the windoze users, and that made the BSD/linux/mac/amiga communities very happy. Juno is a horrific company who pander only to those who they can make huge profits from with very little in return. They target the completely ignorant users who don't realise what a real connection to the internet should be.
Get some computer based training courses about unix for your students. CBT Systems has a few from intro level to advanced admin functions. There must be at least a dozen companies with some sort of Computer Based Learning systems out there. Search the web for a few.
Find the students who would like to learn unix as an extra-curricular activity, and assign some lessons to them. Lessons should include: - installing the operating system from scratch - installing security patches on the OS - basic system admin functions (adduser, backups,... ) - configuring email - installing a web server - basic network admin functions - find, install, and configure a public domain 3D rendering software package for SGI - make the rendering software usable by several simultaneous users - assign some students to render some 3D objects - assign some advanced students to create a small animation clip using freely available SGI software
and turn them loose. Make them write reports on what they have done for each lesson (so you can pass their reports to others to learn from).
After the first semester or so, there will be a hard-core group who will love the system. Use them to administrate the system. Others who only want to point and click on web browsers will not find it interesting, leave them to their macs and windoze machines.
Make sure you impress upon the core group they are responsible for keeping the system in a functioning state, usable by other students at any time (except for pre-announced down times, just like in a real company), and it must conform to your school districts policy (no launching DDoS, no fake e-mail, no warez). When they become responsible for keeping the system clean, they tend to become extremely good at keeping the black hats off the system.
I haven't downloaded the story yet, but I'm sure it will turn up on gnutella in a few minutes. Hey! There it is.
It could be kind of fun sending in your dollar with a little note for Steven telling him how much you enjoyed the chapter. A nightmare for his staff to open all those letters and pull out the cash, since they can't just toss all the fanmail into the trash from now on:-)
I was visiting my ex last week in the US, she works for a large advertising firm. They just got the largest ad contract in the company's history from a Political Action Committee representing the drug and health companies who have a stranglehold on the US market. She earned twice her yearly salary from the bonus for this one contract, and they didn't even try hard for it.
The surprising news is that dozens of other PR and ad firms also got similar contracts at the same time. The total amount to be spent will be more than all the presidential campaigns together estimated to be between US$90 million and US$220 million. Just to convince the US citizens to vote one way or another on some health reform law. Billions are at stake. The are so desperate, they are giving the ad agencies money to refund to other clients and buy out their ad spaces on tele and in print.
I prefer the old fashioned way, where someone outside the polling station hands you $5 and tells you which candidate to vote for.:-)
This is my post. I half way expected to get a flamebait rating or two. There are more reasons than just money why an obviously guilty man beat the system, but his millions were the biggest factor. It really was to spark a discussion on how the MPAA is throwing huge amounts of money directly and indirectly into winning this case. It is a precedent setter, and they can't afford to lose.
Let the moderation system do its job. For every person throwing around a few bad mods, there are at least five others doing a good job. I've got the karma to spare:-)
[hey, cmdrTaco! There needs to be more moderation points given out just to combat all the pr0n posts and juvenile offtopics rants which are cluttering/.]
Didn't americans learn anything from the OJ Simpson case?
If you have enough money, you can buy any court decision you want. Right and Wrong haven't applied in decades. The MPAA has tons of money to spend to defend their monopoly, and the lack of morals and scruples to do so.
This case will be lost because the judge is well in the pockets of MPAA. The only hope is to bring this obvious fact out in the appeals court, and get the ruling overturned.
I'm one of those "high paid" consultants. Certainly I know better.
The problem lies with the many ISPs who can't or will not hire competent network admins to maintain the routers after I get them set up.
When I get the routers set up for the first time, the routers closest to the edges will have ACLs conforming to the industry best practices mentioned in RFC2827, and will drop RFC1918 packets. The core routers have only minimal ACLs to prevent security problems such as telnet and SNMP. Core routers are not the place to do heavy filtering, since they are usually overburdened.
When I leave, there is always documentation for the normal netAdmins to pick up where I left off. But many times I've gone back to client sites and found nothing has been touched since I was last there. If there are new admins, they are usually so clueless they don't touch anything the "high paid" consultant implemented. Even when there are comments to them about things to be changed.
Education is the biggest problem right now. The training courses cost too much, and the content can't keep up with all the advances over the last few years. I've spent over US$10,000 of my own money in the last 2 years just keeping my own skills up to date. I don't really expect every Net Admin to do the same, but their employers should be forcing them into at least a few classes each year.
All the routers in an ISP need to be reviewed on a regular basis, and carefully audited for each expansion. But most ISPs are so low margin they just get some high school dropouts to help out and hope for the best. Only when their upstream provider threatens them do they call me back for a quick audit and fix job.
It doesn't mean that only 10% of their audience does old searches and 90% does recent searches. It means that 90% of their audience occasionally need to do older searches.
I would say that 10%-20% of my searches are for older information. Especially for hints that someone else has already solved a problem I am up against. Mostly I search comp.dcom.* and related alt groups. Quite often I am working on systems installed 10 or 20 years ago, and many people have documented what they have done in similar situations. A solution posted 5 years ago is still relevant to a problem today.
So when they cut out 10% of their traffic, why did their total hits decrease by 60%? Because they pissed off 60% of their user base enough to abandon the system. Thats a pretty bad move for any company. Its why they have had to lay off 10%-20% of their workforce, and abandon their IPO.
With any luck, a new company will buy a copy of deja's archives in the bankruptcy sale and do something useful with it.
If you could get a high quality search engine with archives going back for many years (at least 1991 would be nice), I'd pay for a subscription to a service like that. But a free front end with ads would be acceptable.
I have several clients who have almost completely abandoned deja because the quality has disappeared. They've asked me how hard (i.e. how much $$$) it would be to set up a similar service for them internally. I give them the cost estimates for a full time usenet+searchengine system admin and a pair of good machines. Then they ask if there is a company out there who would do the same thing for less money than the US$100k/year it would cost to do it themselves.
It would be especially nice to see corporate accounts set up as well, so any employee in a company could do high quality searches.
My own opinions on deja are pretty vituperous right now. If you could buy a copy of their old archives and provide a better service than those losers, you'd have a fairly large audience. Try doing what dejanews did when they started, going around to usenet admins and asking for copies of backup tapes. Be prepared to get old DC-150 carts and 9 track reel to reel and many other esoteric formats. Could be a fun project:-)
I went and browsed a little bit for info on Alfred E. Neuman (what, me worry?) from one of my honeypot machines. (OT, there are a lot of A.E. Neumans out there:-)
Saw a number of portscans from stats.555-1212.com (209.10.41.43). Not just ports 137/138/139, but also 80, 23, and a few of others. It looks like a modified nmap in slow stealth mode.
I'll have to try from a windoze based honeypot and see what they are trying to dig out of netbios shares.
I'll be contacting globix.net security about this system and its obvious violation of their AUP, but they've got a reputation for ignoring abuses about paying commercial customers.
But part of the fun of/. is watching the conspiracy theories go off on wild tangents with no basis is reality. It reminds us of how ignorant and gullible the lesser-educated amongst us tend to think. The conspiracy theories are great distraction from the real issues at hand, and in that confusion there is profit.
Perhaps roblimo's post here will scare off some of the conspiracy mongering idiots who tend to dilute the conversations on slashdot. That could help make the conversations a little more focused and informative.
I've started browsing at +3 to cut down on all the useless chatter on slashdot. Maybe things will get better if people read this clearly informative editorial and glean some understanding. Naahhhhh, its more fun to flame a big mysterious conspiracy:-)
Rumours were floating around a while back there was some minor glitches found with the bluetooth spec or implementation. Something to do with not gracefully handling fallback when hundreds of bluetooth devices were all within sight of each other. There was a slight change to make it all work better, and it looks like it was decided to go ahead and incorporate the change before ramping up production.
If that's the case, we need to applaud motorola and ericson for taking a responsible action. This will only make the product better. Its not like they are going to be losing that critical market share by slipping a few months, there are no other players with anything close to bluetooth right now.
This used to be a question on the FCC first class license exam.
There is a hierarchy of certifications, based on the utility of the device to the public good.
At the top is civil defence and emergency communications. Nobody can interfere with them. They can interfere with just about anyone and get away with it.
Then comes public safety, such as aeronautics comms, police and ambulance. Nobody should interfere with them, but no guarantees. Pilots occasionally note some interference from government comms, but can't do much more than switch to another frequency.
Further down the list are public broadcast stations, radio and TV. They are also serving the public good, unless you look at their bland content:-) Normal people should not be interfering with TV broadcasts, this means your power drill or computer interfering with your neighbors soap opera is a bad thing. If your neighbor complains, you must stop using your drill or switch off your computer.
At the bottom of the shitpile is consumer electronics. If a TV transmitter is interfering with your gear, tough shit. You have to accept the interference. No complaining. Your device also can not create any interference with any of the more privileged services such as airplane radios or emergency comms.
I've installed a pair of Netra 1400t space heaters which currently support >200 A-links. The big linksets often run 12 or more links. Total traffic of 160 erlangs getting routed on 64k ITU links.
But you are right, most SPs run on Sun Solaris or HP UX boxes. The underlying OS generally doesn't get in the way of software. The real-time means transit times measured in tens of milliseconds, no sweat for a dual 466 Mhz processor Netra.
Compare the traffic through an STP with a modern packet router. There is no comparison. The complexity doesn't come from the basic routing function, it comes from the reliability function. Calculating every link status, queue, congestion, acknowledgement and timer adds a huge amount of overhead to the routing process. The state machine is enormous, and the few manufacturers of SS7 software go through a formal code review process to prove the state machine.
Given a stable linux distribution, an open telephony project could achieve the same results as the extremely expensive proprietary software. This will become more important as the european telco market opens up to real competition in the next decade. The small competitors will have to withstand a punishing pressure on their margins by the old monopoly players. By using a 'free' SP softswitch instead of a US$500k/year license will help their bottom line.
The biggest problem is going to be the PALNTSC conversion.
I haven't yet seen a multi-standard TV for sale in the US. They are 100% NTSC. In Europe I regularly see multi-standard PAL/SECAM/NTSC TVs.
But I haven't been looking at the newest 16x9 TVs, maybe they will support any signal coming from a DVD player.
On the continent, many large chains such as FNAC in Belgium sell zoneless (zonderZone) DVD players. What they do is for an extra few hundred BEF, they 'burn out' the zone chip so the machines will play DVDs from any zone. They do this in the store when you buy the unit, so in case something goes wrong, they just grab another unit for you. They claim 80% of customers pay extra for zone-free systems, even if they don't plan on getting cheap DVDs from other zones any time soon.
Some of my Aussie friends have brought back a bunch of pirated DVDs from passing through Singapore and Bangkok. They have had no problem playing all those DVDs on their zoneless players, and I'm sure some of them are NTSC/zone 1 disks.
The biggest complaint I have seen is the copy protection scheme on the video output. The sync levels get changed every few seconds making cheap TVs and all tape units lose the picture. Maybe you can look into buying a level restorer to clean up the video signal, and it may also do PAL to NTSC conversion for you.
And what happened to the DVD boycott until deCSS and DMCA battles are won?:-)
Why fight for the right to buy expensive gear and to consume lots of electricity to broadcast over a small geographic area, when you could reach the whole world by setting up a station on the Internet?"
Because most people don't have internet connections with enough bandwidth to bother listening to online radio stations. Certainly not in cars. Certainly not outside while gardening or car washing. Because your local community is a lot smaller than the whole internet. Because everyone has radios, and every car has an FM receiver.
Small stations don't suck lots of electricity. A station can be set up for a few thousand dollars, not much more than the price of a good computer and the cost of a reliable broadband internet connection.
The upside of being a community broadcaster means you can sell advertising to local merchants. The small local merchants need to advertise to stay in business, and large national radio broadcasts are too expensive and cover too wide an audience.
I used to help run a small pira^H^H^H^Hcommunity station. We used to sell an hour or four to a local shop, and the owner would give us their record collection to play during that time. Then all the shops in the area would tune in just to hear that program. It meant we were all over the board, from classical to polka to jazz. We offered our own programs like punk music (never heard on the BBC), new wave music, RPG discussions, and we sold local adverts to pay the electric bills. When we added an early morning farm report, we became the most listened to station in the area. The local school is still running that station, but its way too professional for me now:-)
Dejanews used to keep archives as far back as they could. It started when some university students restored a bunch of backup tapes containing usenet directories. There were posts going all the way back to 1984 for some low volume newsgroups such as comp.risks. Most of the posts only went back to 1989 for higher volume groups. The original research project was on mass-indexing the same way web search engines such as altavista work. The web didn't really exist when dejanews got started in 1991 or 1992, they were looking to the largest body of information to work on at the time, and usenet was it.
I remember posts going around at some point looking for copies of old backup tapes. I stopped sysadmining a usenet server in 1992, so that dates the project. The first interfaces were gopher and archie.
It has never been sold. The founder still works there.
I wouldn't know about this, but the original student project was launched as dejanews.com. In 1995, deja.com bought the dejanews.com site, and I presume kept the original founders. But that was the beginning of the slide towards the lowest common denominator at the expense of their largest user base.
1) has no facts After the layoffs last month, I had several technical types shopping around for work. That is what alerted me to a shakeup.
3) is an ass No argument there. But I'd still love to see deja wake up to the fact they have a large number of niche audiences rather than pander to the single largest one. The site is still somewhat useful, even if we can no longer access all the great old usenet posts.
the AC
Re:that "seemingly clueful post"...
on
MAPS vs. ORBS
·
· Score: 3
Some traceroutes to orbs.org from a handful of places on the internet. Edited for brevity. The !H results are ICMP No Route to Host responses.
Traceroute Output that fails because above.net eats the traffic... FROM www.isp.at TO orbs.org. traceroute to orbs.org (202.36.148.21), 30 hops 4 Vix-ATM-155.inode.at (195.58.160.209) 5.048 ms 12.202 ms 12.646 ms 5 vix.above.net (193.203.0.45) 7.672 ms 5.304 ms 8.382 ms 6 208.184.102.49 (208.184.102.49) 6.614 ms 6.674 ms 7.122 ms 7 208.184.102.130 (208.184.102.130) 30.216 ms 29.016 ms 30.927 ms 8 208.184.102.142 (208.184.102.142) 28.991 ms 32.004 ms 29.605 ms 9 208.184.102.138 (208.184.102.138) 51.13 ms 51.809 ms 50.449 ms 10 216.200.254.77 (216.200.254.77) 125.319 ms 126.959 ms 126.231 ms 11 core1-core3-oc48.iad.above.net (209.249.203.34) 126.821 ms 126.721 ms 125.09 ms 12 207.126.96.121 (207.126.96.121) 207.957 ms !H 207.261 ms !H 206.349 ms !H
It seems that since the slashdot effect occurred a few hours ago, Vixie and others are taking steps to fix this problem. Sometimes things happen very rapidly on the internet, when enough voices are complaining.
One of the problems occuring in this epic battle (must make it seem bigger and more dramatic than it really is) is above.net playing games with the BGP4 routing tables.
Since I am off in remote (in internet terms) places on a special project, I can't really see what is going on with the BGP routing tables. But people have been pinging me over the last few days because someone is poisoning the route info to get to ORBS.
Someone is injecting false BGP4 routing information into the internet, to advertise shorter routes to the whole class B subnet (202.36/16) containing ORBS class C subnets (202.36.148/24). This effectively sucks all the traffic to their routers and then to/dev/null. It certainly is causing problems in Europe, even though the guilty party mostly hauls traffic across the pacific ocean. It is also causing neigboring sites in 202.36/16 to disappear.
I'll leave it up to the rest of the/. community to argue the finer points of who is evil, who is selling out, who is saintly, who is spamming/cracking. Most of it is name calling. A real, old-fashioned internet flame fest!
I was a bit concerned by/.'s slowness in posting this story. Its been all over news.admin.net-abuse and #NANAE since mid-may. Give it a few more days, and someone will yield, hopefully ORBS and Alan's uncooperative policy of victory at any cost.
From today's fortune, an appropriate quote: Carson's Consolation: Nothing is ever a complete failure. It can always be used as a bad example. I nominate deja.
Dejanews used to be one of the best sites on the internet. It was possible to search through posts as far back as 1984.
Then it was bought by some money hungry dotcom wannabe marketing assholes, who proceeded to gut all the best parts of the site. First they eliminated all the oldest posts, just to focus on more recent content. Then they changed the interface to be all marketing oriented, but backed off when hits dropped to less than 10% of the pre-change interface. They now hide the "classic deja" interface as much as they can, and prevent any direct linking into the interface. They tried to become a portal, but nobody ever used the site as a portal.
More recently, hits have dropped to an all time low, so the idiots in charge decided to alienate even more users by dropping all posts more than 1 year old from the search engines. They claimed that no more than 25% of searchers were looking for articles going back more than 1 year. Since then deja hits are even lower.
Now they are desperate to generate a few more clicks by throwing links all over other peoples posts. Look at all the complaints it is generating on/. It's clear their management is ignoring all user feedback, but thats not news. They fired all their customer support and research people at the beginning of June.
Read some of the doom and gloom sites for details on the withdrawn IPO and laying off 20% or more of their workforce. The layoffs were mostly in the technical and support groups, as management focuses on re-inventing marketing on the site.
Soon, deja will be completely forgotten as a resource on the internet. I've almost stopped using it, but I haven't found any good replacement.
Slashdot Mirror
According to a report on RFI (sorry, all audio in french), the court was told by a Canadian company that filtering based on country was very simple and they had a product (or patent, it went by quickly) to do this. Could this be iCraveTV? The report didn't say.
So the judge is going to wait a month (because the whole country goes on vacation the month of August) and then appoint a commission to investigate if filtering can be done country by country. The anti-hate groups asked the judge to impose 1 million FRF fines for each day that french citizens could access nazi memorabilia on yahoo, but the judge declined to do so until after the commission issues a preliminary report.
What might happen if yahoo doesn't implement some kind of system (it doesn't have to be 100%, just good enough) is that all french ISPs will be forced to drop all packets to/from yahoo's IP address range. They could have their business licenses revoked if they don't.
I understand why many european countries have laws against nazism. There is still a very strong racial hatred powering extremist politics using nazism as a symbol. In a region where memories of wrongdoing go back 1500 years, events that happened to people still alive are very recent. The war may have ended, but nazism was not eradicated, only driven underground. The anti-hate laws are there to remove the fuel from the fire, in the hopes that in another few generations the worst of the hatred will be extinguished.
It is interesting to see how american court cases try to attack "dirty pictures" outside the US, where nobody cares if women bare their breasts on the beach. There is a double standard at work, and when an american company is on the losing end of a judgement, americans hear more about it. The double standard goes both ways, when european companies lose to american laws, only europeans hear the rants.
the AC
Hackers consider themselves members of an elite meritocracy based on ability and trade hacker techniques and "war stories" amongst themselves in Usenet forums, local or regional clubs, and national conferences, such as the annual Def Con Computer Underground Convention held in Las Vegas.
/. readers know a still running TOPS-10 (or 20) system?
They almost got it right, but then the report throws the underground movement in with the creative hackish crowd. Granted, they mostly go together, but I'd have associated DefCon, HacTic, CCCC, HOPE and the other cons with the cracker crowd. I've been to many of the cons in europe and the US, and ALL the discussions revolved around criminal activity, NONE of it was about building better IP stacks or the pros and cons of threads in kernel space.
The rest of the report uses Hacker in place of the term cybercriminal.
In the middle of page 20 is a distorted look at a TCP intercept attack. It isn't necessary to DoS computer B to predict a TCP sequence number and redirect the TCP flow to computer A. There seems to be a lot of misunderstandings like this through the rest of the report.
All in all, this is an excellent look at the type of information used to train law enforcement. This is the level of detail they are taught, and then they have to extrapolate this to each case they handle. They even quote a 20 year old entry in the Jargon Dictionary that telnet on a TOPS-10 is called IMPCOM. Any
the AC
In the intel chips from 286 days on, the opcode is known as LoadAll. Do a web search, and look for a few well written papers on how it works. There is still a protected 0x180 bytes at the bottom of the memory stack for accidental tripping of LoadAll in all versions of micr~1.oft operating systems including win2k. Grep the linux kernel for references to LoadAll, even linux deals with it.
What you put there is up to you, but you better know exactly what the CPU will do with it, and how the machine will respond. Not impossible, but difficult.
The even greater difficulty is getting around the millions of combinations of OS, hardware, and chip revisions to do anything useful. So even though a single opcode exists in all intel CPUs, nobody has ever been able to make a general purpose exploit.
the AC
No, CBT hasn't updated anything in the last few years. My own opinion of them is pretty low for professional use, you'll notice I didn't say they were good. But for basic introduction some people tend to find it useful. What I liked about it was that we could hand out the CDs to incoming people with absolutely no unix experience, and keep them busy for a few days. At the end of it we would ask them if they would like to continue with CBT or jump into the job with O'reilly Nutshell books. Guess which they all chose?
I've seen demos of a few other learning systems, which seemed better for taking students through some basic tasks. But none of them are a substitute for an instructor and hands-on learning.
The problem here is that the school district doesn't have any expertise to draw on, so they have to start somewhere. Maybe there are some good tutorials on the web, but I haven't seen them. But a machine like that is a godsend to poor schools, it just has to be made accessible to the students and somehow they need to be shown all the wonderful things it can do besides just web browsing.
the AC
But they are NOT free, you are paying with BT connection charges.
In most parts of the US, local calls are free, known as flat rate calling plan. So freewwweb had to get their revenue from advertising.
So the "free" ISPs in England still cost for all the time you are connected, which is why the average brit is only online for 7 minutes per day, and the average american is online for 33 minutes/day.
Go read NTK for the continuing saga of oftel trying to force BT into offering an american style flat local calling fee for anyone who wants it. The same fight is shaping up in france and germany.
Its a shame a good service like freewwweb can't make it in the american market place. They were very friendly to all users, not just the windoze users, and that made the BSD/linux/mac/amiga communities very happy. Juno is a horrific company who pander only to those who they can make huge profits from with very little in return. They target the completely ignorant users who don't realise what a real connection to the internet should be.
the AC
Get some computer based training courses about unix for your students. CBT Systems has a few from intro level to advanced admin functions. There must be at least a dozen companies with some sort of Computer Based Learning systems out there. Search the web for a few.
Find the students who would like to learn unix as an extra-curricular activity, and assign some lessons to them. Lessons should include:
- installing the operating system from scratch
- installing security patches on the OS
- basic system admin functions (adduser, backups,... )
- configuring email
- installing a web server
- basic network admin functions
- find, install, and configure a public domain 3D rendering software package for SGI
- make the rendering software usable by several simultaneous users
- assign some students to render some 3D objects
- assign some advanced students to create a small animation clip using freely available SGI software
and turn them loose. Make them write reports on what they have done for each lesson (so you can pass their reports to others to learn from).
After the first semester or so, there will be a hard-core group who will love the system. Use them to administrate the system. Others who only want to point and click on web browsers will not find it interesting, leave them to their macs and windoze machines.
Make sure you impress upon the core group they are responsible for keeping the system in a functioning state, usable by other students at any time (except for pre-announced down times, just like in a real company), and it must conform to your school districts policy (no launching DDoS, no fake e-mail, no warez). When they become responsible for keeping the system clean, they tend to become extremely good at keeping the black hats off the system.
the AC
How about mailing him a dollar?
:-)
I haven't downloaded the story yet, but I'm sure it will turn up on gnutella in a few minutes. Hey! There it is.
It could be kind of fun sending in your dollar with a little note for Steven telling him how much you enjoyed the chapter. A nightmare for his staff to open all those letters and pull out the cash, since they can't just toss all the fanmail into the trash from now on
the AC
I was visiting my ex last week in the US, she works for a large advertising firm. They just got the largest ad contract in the company's history from a Political Action Committee representing the drug and health companies who have a stranglehold on the US market. She earned twice her yearly salary from the bonus for this one contract, and they didn't even try hard for it.
:-)
The surprising news is that dozens of other PR and ad firms also got similar contracts at the same time. The total amount to be spent will be more than all the presidential campaigns together estimated to be between US$90 million and US$220 million. Just to convince the US citizens to vote one way or another on some health reform law. Billions are at stake. The are so desperate, they are giving the ad agencies money to refund to other clients and buy out their ad spaces on tele and in print.
I prefer the old fashioned way, where someone outside the polling station hands you $5 and tells you which candidate to vote for.
the AC
This is my post. I half way expected to get a flamebait rating or two. There are more reasons than just money why an obviously guilty man beat the system, but his millions were the biggest factor. It really was to spark a discussion on how the MPAA is throwing huge amounts of money directly and indirectly into winning this case. It is a precedent setter, and they can't afford to lose.
:-)
/.]
Let the moderation system do its job. For every person throwing around a few bad mods, there are at least five others doing a good job. I've got the karma to spare
[hey, cmdrTaco! There needs to be more moderation points given out just to combat all the pr0n posts and juvenile offtopics rants which are cluttering
the AC
Didn't americans learn anything from the OJ Simpson case?
If you have enough money, you can buy any court decision you want. Right and Wrong haven't applied in decades. The MPAA has tons of money to spend to defend their monopoly, and the lack of morals and scruples to do so.
This case will be lost because the judge is well in the pockets of MPAA. The only hope is to bring this obvious fact out in the appeals court, and get the ruling overturned.
the AC
I'm one of those "high paid" consultants. Certainly I know better.
The problem lies with the many ISPs who can't or will not hire competent network admins to maintain the routers after I get them set up.
When I get the routers set up for the first time, the routers closest to the edges will have ACLs conforming to the industry best practices mentioned in RFC2827, and will drop RFC1918 packets. The core routers have only minimal ACLs to prevent security problems such as telnet and SNMP. Core routers are not the place to do heavy filtering, since they are usually overburdened.
When I leave, there is always documentation for the normal netAdmins to pick up where I left off. But many times I've gone back to client sites and found nothing has been touched since I was last there. If there are new admins, they are usually so clueless they don't touch anything the "high paid" consultant implemented. Even when there are comments to them about things to be changed.
Education is the biggest problem right now. The training courses cost too much, and the content can't keep up with all the advances over the last few years. I've spent over US$10,000 of my own money in the last 2 years just keeping my own skills up to date. I don't really expect every Net Admin to do the same, but their employers should be forcing them into at least a few classes each year.
All the routers in an ISP need to be reviewed on a regular basis, and carefully audited for each expansion. But most ISPs are so low margin they just get some high school dropouts to help out and hope for the best. Only when their upstream provider threatens them do they call me back for a quick audit and fix job.
the AC
The 10% number is a bit misleading.
It doesn't mean that only 10% of their audience does old searches and 90% does recent searches. It means that 90% of their audience occasionally need to do older searches.
I would say that 10%-20% of my searches are for older information. Especially for hints that someone else has already solved a problem I am up against. Mostly I search comp.dcom.* and related alt groups. Quite often I am working on systems installed 10 or 20 years ago, and many people have documented what they have done in similar situations. A solution posted 5 years ago is still relevant to a problem today.
So when they cut out 10% of their traffic, why did their total hits decrease by 60%? Because they pissed off 60% of their user base enough to abandon the system. Thats a pretty bad move for any company. Its why they have had to lay off 10%-20% of their workforce, and abandon their IPO.
With any luck, a new company will buy a copy of deja's archives in the bankruptcy sale and do something useful with it.
the AC
If you could get a high quality search engine with archives going back for many years (at least 1991 would be nice), I'd pay for a subscription to a service like that. But a free front end with ads would be acceptable.
:-)
I have several clients who have almost completely abandoned deja because the quality has disappeared. They've asked me how hard (i.e. how much $$$) it would be to set up a similar service for them internally. I give them the cost estimates for a full time usenet+searchengine system admin and a pair of good machines. Then they ask if there is a company out there who would do the same thing for less money than the US$100k/year it would cost to do it themselves.
It would be especially nice to see corporate accounts set up as well, so any employee in a company could do high quality searches.
My own opinions on deja are pretty vituperous right now. If you could buy a copy of their old archives and provide a better service than those losers, you'd have a fairly large audience. Try doing what dejanews did when they started, going around to usenet admins and asking for copies of backup tapes. Be prepared to get old DC-150 carts and 9 track reel to reel and many other esoteric formats. Could be a fun project
the AC
I went and browsed a little bit for info on Alfred E. Neuman (what, me worry?) from one of my honeypot machines. (OT, there are a lot of A.E. Neumans out there :-)
Saw a number of portscans from stats.555-1212.com (209.10.41.43). Not just ports 137/138/139, but also 80, 23, and a few of others. It looks like a modified nmap in slow stealth mode.
I'll have to try from a windoze based honeypot and see what they are trying to dig out of netbios shares.
I'll be contacting globix.net security about this system and its obvious violation of their AUP, but they've got a reputation for ignoring abuses about paying commercial customers.
the AC
...if you think about it.
/. is watching the conspiracy theories go off on wild tangents with no basis is reality. It reminds us of how ignorant and gullible the lesser-educated amongst us tend to think. The conspiracy theories are great distraction from the real issues at hand, and in that confusion there is profit.
:-)
But part of the fun of
Perhaps roblimo's post here will scare off some of the conspiracy mongering idiots who tend to dilute the conversations on slashdot. That could help make the conversations a little more focused and informative.
I've started browsing at +3 to cut down on all the useless chatter on slashdot. Maybe things will get better if people read this clearly informative editorial and glean some understanding. Naahhhhh, its more fun to flame a big mysterious conspiracy
the AC
I'll agree with that in this case.
Rumours were floating around a while back there was some minor glitches found with the bluetooth spec or implementation. Something to do with not gracefully handling fallback when hundreds of bluetooth devices were all within sight of each other. There was a slight change to make it all work better, and it looks like it was decided to go ahead and incorporate the change before ramping up production.
If that's the case, we need to applaud motorola and ericson for taking a responsible action. This will only make the product better. Its not like they are going to be losing that critical market share by slipping a few months, there are no other players with anything close to bluetooth right now.
the AC
cypherpunks/cypherpunks works as always.
the AntiCypher
This used to be a question on the FCC first class license exam.
:-) Normal people should not be interfering with TV broadcasts, this means your power drill or computer interfering with your neighbors soap opera is a bad thing. If your neighbor complains, you must stop using your drill or switch off your computer.
There is a hierarchy of certifications, based on the utility of the device to the public good.
At the top is civil defence and emergency communications. Nobody can interfere with them. They can interfere with just about anyone and get away with it.
Then comes public safety, such as aeronautics comms, police and ambulance. Nobody should interfere with them, but no guarantees. Pilots occasionally note some interference from government comms, but can't do much more than switch to another frequency.
Further down the list are public broadcast stations, radio and TV. They are also serving the public good, unless you look at their bland content
At the bottom of the shitpile is consumer electronics. If a TV transmitter is interfering with your gear, tough shit. You have to accept the interference. No complaining. Your device also can not create any interference with any of the more privileged services such as airplane radios or emergency comms.
the AC
I've installed a pair of Netra 1400t space heaters which currently support >200 A-links. The big linksets often run 12 or more links. Total traffic of 160 erlangs getting routed on 64k ITU links.
But you are right, most SPs run on Sun Solaris or HP UX boxes. The underlying OS generally doesn't get in the way of software. The real-time means transit times measured in tens of milliseconds, no sweat for a dual 466 Mhz processor Netra.
Compare the traffic through an STP with a modern packet router. There is no comparison. The complexity doesn't come from the basic routing function, it comes from the reliability function. Calculating every link status, queue, congestion, acknowledgement and timer adds a huge amount of overhead to the routing process. The state machine is enormous, and the few manufacturers of SS7 software go through a formal code review process to prove the state machine.
Given a stable linux distribution, an open telephony project could achieve the same results as the extremely expensive proprietary software. This will become more important as the european telco market opens up to real competition in the next decade. The small competitors will have to withstand a punishing pressure on their margins by the old monopoly players. By using a 'free' SP softswitch instead of a US$500k/year license will help their bottom line.
the AC
The biggest problem is going to be the PALNTSC conversion.
:-)
I haven't yet seen a multi-standard TV for sale in the US. They are 100% NTSC. In Europe I regularly see multi-standard PAL/SECAM/NTSC TVs.
But I haven't been looking at the newest 16x9 TVs, maybe they will support any signal coming from a DVD player.
On the continent, many large chains such as FNAC in Belgium sell zoneless (zonderZone) DVD players. What they do is for an extra few hundred BEF, they 'burn out' the zone chip so the machines will play DVDs from any zone. They do this in the store when you buy the unit, so in case something goes wrong, they just grab another unit for you. They claim 80% of customers pay extra for zone-free systems, even if they don't plan on getting cheap DVDs from other zones any time soon.
Some of my Aussie friends have brought back a bunch of pirated DVDs from passing through Singapore and Bangkok. They have had no problem playing all those DVDs on their zoneless players, and I'm sure some of them are NTSC/zone 1 disks.
The biggest complaint I have seen is the copy protection scheme on the video output. The sync levels get changed every few seconds making cheap TVs and all tape units lose the picture. Maybe you can look into buying a level restorer to clean up the video signal, and it may also do PAL to NTSC conversion for you.
And what happened to the DVD boycott until deCSS and DMCA battles are won?
the AC
Why fight for the right to buy expensive gear and to consume lots of electricity to broadcast over a small geographic area, when you could reach the whole world by setting up a station on the Internet?"
:-)
Because most people don't have internet connections with enough bandwidth to bother listening to online radio stations. Certainly not in cars. Certainly not outside while gardening or car washing. Because your local community is a lot smaller than the whole internet. Because everyone has radios, and every car has an FM receiver.
Small stations don't suck lots of electricity. A station can be set up for a few thousand dollars, not much more than the price of a good computer and the cost of a reliable broadband internet connection.
The upside of being a community broadcaster means you can sell advertising to local merchants. The small local merchants need to advertise to stay in business, and large national radio broadcasts are too expensive and cover too wide an audience.
I used to help run a small pira^H^H^H^Hcommunity station. We used to sell an hour or four to a local shop, and the owner would give us their record collection to play during that time. Then all the shops in the area would tune in just to hear that program. It meant we were all over the board, from classical to polka to jazz. We offered our own programs like punk music (never heard on the BBC), new wave music, RPG discussions, and we sold local adverts to pay the electric bills. When we added an early morning farm report, we became the most listened to station in the area. The local school is still running that station, but its way too professional for me now
the AC
1984?? They had archives back to april 1995.
Dejanews used to keep archives as far back as they could. It started when some university students restored a bunch of backup tapes containing usenet directories. There were posts going all the way back to 1984 for some low volume newsgroups such as comp.risks. Most of the posts only went back to 1989 for higher volume groups. The original research project was on mass-indexing the same way web search engines such as altavista work. The web didn't really exist when dejanews got started in 1991 or 1992, they were looking to the largest body of information to work on at the time, and usenet was it.
I remember posts going around at some point looking for copies of old backup tapes. I stopped sysadmining a usenet server in 1992, so that dates the project. The first interfaces were gopher and archie.
It has never been sold. The founder still works there.
I wouldn't know about this, but the original student project was launched as dejanews.com. In 1995, deja.com bought the dejanews.com site, and I presume kept the original founders. But that was the beginning of the slide towards the lowest common denominator at the expense of their largest user base.
1) has no facts
After the layoffs last month, I had several technical types shopping around for work. That is what alerted me to a shakeup.
3) is an ass
No argument there. But I'd still love to see deja wake up to the fact they have a large number of niche audiences rather than pander to the single largest one. The site is still somewhat useful, even if we can no longer access all the great old usenet posts.
the AC
Some traceroutes to orbs.org from a handful of places on the internet. Edited for brevity. The !H results are ICMP No Route to Host responses.
Traceroute Output that fails because above.net eats the traffic...
FROM www.isp.at TO orbs.org.
traceroute to orbs.org (202.36.148.21), 30 hops
4 Vix-ATM-155.inode.at (195.58.160.209) 5.048 ms 12.202 ms 12.646 ms
5 vix.above.net (193.203.0.45) 7.672 ms 5.304 ms 8.382 ms
6 208.184.102.49 (208.184.102.49) 6.614 ms 6.674 ms 7.122 ms
7 208.184.102.130 (208.184.102.130) 30.216 ms 29.016 ms 30.927 ms
8 208.184.102.142 (208.184.102.142) 28.991 ms 32.004 ms 29.605 ms
9 208.184.102.138 (208.184.102.138) 51.13 ms 51.809 ms 50.449 ms
10 216.200.254.77 (216.200.254.77) 125.319 ms 126.959 ms 126.231 ms
11 core1-core3-oc48.iad.above.net (209.249.203.34) 126.821 ms 126.721 ms 125.09 ms
12 207.126.96.121 (207.126.96.121) 207.957 ms !H 207.261 ms !H 206.349 ms !H
One that succeeds because 202.50/16 is not blackholed by above.net
Tracing the route to orbs.org (202.50.71.133)
...
9 telcomnz-gw.customer.ALTER.NET (157.130.224.90) [AS 701] 8 msec 8 msec 8 msec
10 s5-1-3.akbr1.netgate.net.nz (202.37.246.246) [AS 4648] 200 msec 204 msec 204 msec
11 xtra.akbr1.netgate.net.nz (202.37.245.150) [AS 4648] 148 msec 148 msec 148 msec
12 203.96.111.218 [AS 4648] 180 msec 156 msec 160 msec
13 210-55-195-1.dds.xtra.co.nz (210.55.195.1) [AS 4648] 356 msec 604 msec 888 msec
14 DMZrouter.manawatu.net.nz (202.50.71.26) [AS 9325] 248 msec 180 msec 340 msec
15 orbs.org (202.50.71.133) [AS 9325] 300 msec 428 msec 240 msec
It seems that since the slashdot effect occurred a few hours ago, Vixie and others are taking steps to fix this problem. Sometimes things happen very rapidly on the internet, when enough voices are complaining.
the AC
One of the problems occuring in this epic battle (must make it seem bigger and more dramatic than it really is) is above.net playing games with the BGP4 routing tables.
/dev/null. It certainly is causing problems in Europe, even though the guilty party mostly hauls traffic across the pacific ocean. It is also causing neigboring sites in 202.36/16 to disappear.
/. community to argue the finer points of who is evil, who is selling out, who is saintly, who is spamming/cracking. Most of it is name calling. A real, old-fashioned internet flame fest!
/.'s slowness in posting this story. Its been all over news.admin.net-abuse and #NANAE since mid-may. Give it a few more days, and someone will yield, hopefully ORBS and Alan's uncooperative policy of victory at any cost.
Since I am off in remote (in internet terms) places on a special project, I can't really see what is going on with the BGP routing tables. But people have been pinging me over the last few days because someone is poisoning the route info to get to ORBS.
Someone is injecting false BGP4 routing information into the internet, to advertise shorter routes to the whole class B subnet (202.36/16) containing ORBS class C subnets (202.36.148/24). This effectively sucks all the traffic to their routers and then to
I'll leave it up to the rest of the
I was a bit concerned by
the AC
From today's fortune, an appropriate quote: Carson's Consolation: Nothing is ever a complete failure. It can always be used as a bad example. I nominate deja.
/. It's clear their management is ignoring all user feedback, but thats not news. They fired all their customer support and research people at the beginning of June.
Dejanews used to be one of the best sites on the internet. It was possible to search through posts as far back as 1984.
Then it was bought by some money hungry dotcom wannabe marketing assholes, who proceeded to gut all the best parts of the site. First they eliminated all the oldest posts, just to focus on more recent content. Then they changed the interface to be all marketing oriented, but backed off when hits dropped to less than 10% of the pre-change interface. They now hide the "classic deja" interface as much as they can, and prevent any direct linking into the interface. They tried to become a portal, but nobody ever used the site as a portal.
More recently, hits have dropped to an all time low, so the idiots in charge decided to alienate even more users by dropping all posts more than 1 year old from the search engines. They claimed that no more than 25% of searchers were looking for articles going back more than 1 year. Since then deja hits are even lower.
Now they are desperate to generate a few more clicks by throwing links all over other peoples posts. Look at all the complaints it is generating on
Read some of the doom and gloom sites for details on the withdrawn IPO and laying off 20% or more of their workforce. The layoffs were mostly in the technical and support groups, as management focuses on re-inventing marketing on the site.
Soon, deja will be completely forgotten as a resource on the internet. I've almost stopped using it, but I haven't found any good replacement.
the AC